Authentication

 
 
Picture of Jeff Graham
LDAP authentication can't set idnumber as dn
 
Hello all,

I noticed a bug in the LDAP authentication code. We are trying to set the users idnumber field as the dn for the user.

However, in the function 'auth_get_userinfo()' there is a bug. For our LDAP entry, since the dn is not entered as an array, it only grabs the first character of the string entry resulting in the idnumber field getting set to 'u' for everyone. A simple is_array solves the problem. Attached is a diff file (from MOODLE_15_STABLE) for lib.php in '$CFG->dirroot/auth/ldap'

Could somebody please review this and patch in CVS? It is tested and working for us. I would do it myself, but I'm not sure what etiquette says for editing code done by others unless you are one of the core developers.

regards,
Jeff
 
Average of ratings: -
Picture of Dan Marsden
Re: LDAP authentication can't set idnumber as dn
Group DevelopersGroup Moodle Course Creator Certificate holdersGroup Particularly helpful MoodlersGroup Translators

Hi Jeff - well done on finding the cause! - I had a discussion with Martin Langhoff a while back with this issue, but we didn't end up finding the actual cause - I'm running a hack in our version that works, but your solution looks much cleaner!

smile

Dan

 
Average of ratings: -
Martin Langhoff - Sailing
Re: LDAP authentication can't set idnumber as dn
Group DevelopersGroup Particularly helpful Moodlers
Good stuff! Are you not having problems with the length of the DN hitting idnumber's length?
 
Average of ratings: -
Picture of Jeff Graham
Re: LDAP authentication can't set idnumber as dn
 
Hi Martin,

No we aren't, at least in 1.5.

Looking at the field length in the db had me a little worried, but fortunately our entries are rather short. I think the longest possible one we would have is 39 characters (less than the 64 limit). However, I think that field should be expanded for general purpose as more people are probably going to begin using LDAP and it makes sense that the user dn would be the idnumber which could be rather long depending on the schema used.

regards,
Jeff
 
Average of ratings: -
Martin Langhoff - Sailing
Re: LDAP authentication can't set idnumber as dn
Group DevelopersGroup Particularly helpful Moodlers
In CVS now. Thanks!
 
Average of ratings: -
Picture of Dan Marsden
Re: LDAP authentication can't set idnumber as dn
Group DevelopersGroup Moodle Course Creator Certificate holdersGroup Particularly helpful MoodlersGroup Translators

did you increase the length of idnumber too?

smile

Dan

 
Average of ratings: -